In certain circumstances it would be nice to disable some accounts to change their own password (think group accounts).
I did not see any way of doing (I might be wrong) and thought it was a easy modification to this module to support and given the module name appropriate as well.

for your consideration
cheers

------------------------------------------------------------------------
<?php
// $Id: restrict_password_change.module,v 1.1 2008/11/06 02:32:53 jrglasgow Exp $
// by James Glasgow - Tribute Media - http://www.tributemedia.com

/**
* Implementation of hook_perm()
*/
function restrict_password_change_perm() {
return array('change other users password', 'change own password');
}

/**
* Implementation of hook_form_alter()
*/
function restrict_password_change_form_alter(&$form, $form_state, $form_id) {
global $user;
switch ($form_id) {
case 'user_profile_form':
//drupal_set_message('$form = 

'. print_r($form, TRUE) .'

');
// check to see if the form is for the current user or if they have permission
if(($user->uid != $form['_account']['#value']->uid) && !user_access('change other users password')) {
// password cannot be changed
$form['account']['pass']['#access'] = FALSE;
// e-mail address cannot be changed
$form['account']['mail']['#access'] = FALSE;
// they cannot be deleted
$form['delete']['#access'] = FALSE;
} else if(($user->uid == $form['_account']['#value']->uid) && !user_access('change own password')) {
// password cannot be changed
$form['account']['pass']['#access'] = FALSE;
// they cannot be deleted
$form['delete']['#access'] = FALSE;
}
}
}

Comments

jrglasgow’s picture

jrglasgow commented
Status: Active » Fixed

I have just commit this change

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

nerdoc’s picture

nerdoc commented

ah - maybe I'm wrong - but I am using version 6.x-1.2 - and this bug is NOT fixed there. the .module file does NOT contain this code.
is this a regression? Was it forgotten to merge?
Or am I wrong somehow?

Christian

jrglasgow’s picture

jrglasgow commented
Status: Closed (fixed) » Active

hmm, I don't know what happened, I will have to look into it

wOOge’s picture

wOOge commented
Version: 6.x-1.0 » 6.x-1.2
Status: Active » Needs review

Here is a slight modification of @droetker's code and the latest 1.4 code. For your review and inclusion:
I changed it so that by default you *can* change passwords and you have to explicitly set the *inability* to change them.

<?php
// $Id: restrict_password_change.module,v 1.4 2009/08/23 03:51:31 jrglasgow Exp $
// by James Glasgow - Tribute Media - http://www.tributemedia.com

/**
 * Implementation of hook_perm()
 */
function restrict_password_change_perm() {
  return array(
    'cant change other users password',
    'cant change other users username',
    'cant change other users email',
    'cant delete other users',
    'cant block other users',

    'cant change own password',
    'cant change own username',
    'cant change own email',
    'cant delete own user',
    'cant block own user'

  );
}

/**
 * Implementation of hook_form_alter()
 */
function restrict_password_change_form_alter(&$form, $form_state, $form_id) {
  global $user;
  switch ($form_id) {
    case 'user_profile_form':

      /* Admin user so break out */
      if($user->uid == 1) { break; }
	  
	  if($user->uid != $form['_account']['#value']->uid) {
        if(user_access('cant change other users password')) { /*password cannot be changed*/ $form['account']['pass']['#access'] = FALSE; }
        if(user_access('cant change other users username')) { /* username cannot be changed*/ $form['account']['name']['#access'] = FALSE; }
        if(user_access('cant block other users')) { /* user cannot be blocked*/ $form['account']['status']['#access'] = FALSE; }
        if(user_access('cant change other users email')) { /* e-mail address cannot be changed*/ $form['account']['mail']['#access'] = FALSE; }
        if(user_access('cant delete other users')) { /* user cannot be deleted*/ $form['delete']['#access'] = FALSE; }
      }

      if($user->uid == $form['_account']['#value']->uid) {
        if(user_access('cant change own password')) { /*password cannot be changed*/ $form['account']['pass']['#access'] = FALSE; }
        if(user_access('cant change own username')) { /* username cannot be changed*/ $form['account']['name']['#access'] = FALSE; }
        if(user_access('cant block own user')) { /* user cannot be blocked*/ $form['account']['status']['#access'] = FALSE; }
        if(user_access('cant change own email')) { /* e-mail address cannot be changed*/ $form['account']['mail']['#access'] = FALSE; }
        if(user_access('cant delete own user')) { /* user cannot be deleted*/ $form['delete']['#access'] = FALSE; }
      }


      /* check to see if the form is for the current user or if they have permission
       check if user 1 - if not, prevent changing user 1 account
       regardless of permission to 'change other users password'*/ 
      if(($user->uid != 1) && ($form['_account']['#value']->uid == 1)) {
		// protect admin usr 1
		$form['account']['#access'] = FALSE;
		$form['theme_select']['#access'] = FALSE;
		$form['contact']['#access'] = FALSE;
		$form['submit']['#access'] = FALSE;
		$form['timezone']['#access'] = FALSE;
		$form['messaging']['#access'] = FALSE;
		$form['delete']['#access'] = FALSE;
      } 
      break;
  }
}
Anonymous’s picture

Anonymous (not verified) commented

Hello friend...There is a problem in my drupal installation. The option to change the password is not being shown. How to enable password change. Please help. Thank you...

wOOge’s picture

wOOge commented

Are you using this module? Can you provide more information?

Anonymous’s picture

Anonymous (not verified) commented

Yeah, I have installed the module, but I don't know how to configure, I mean, What all permissions should be given to authenticated users?

In a normal Drupal installation, in the 'edit' section of 'My Accounts' page, there will be space for entering the 'new password' twice, but, it is not shown in my Drupal installation at http://blogonity.com now. I don't know, when this problem started. I don't know whether there is any error in /admin/user/settings .

Will I be able to correct it using this module?

wOOge’s picture

wOOge commented

Check your permissions page first — also make sure you are logged in as the admin user (uid 1).

If that's not it, I would also clear the caches (admin/settings/performance), then disable all of the contrib modules you have installed, and and re-enable the modules one by one to find out if one of your currently installed modules has removed the password fields on you.

Anonymous’s picture

Anonymous (not verified) commented

The propblem was with Gigya socialize...hen i uninstalled it, the website works like a charm. Thank you for your suggestion

Anonymous’s picture

Anonymous (not verified) commented
Status: Needs review » Closed (fixed)